<?php 
	session_start(); 
	if (isset($_POST['EditInfo'])) {
		if (isset($_POST['lastname'])){
	        $lastname = $_POST['lastname']; 
	        if ($lastname == '') {
	            unset($lastname);
	            exit ("LastName cannot be empty!");
	        } 
	    } else {
	        exit ("Not set lastname!");
	    }
	    if (isset($_POST['firstname'])){
	        $firstname = $_POST['firstname']; 
	        if ($firstname == '') {
	            unset($firstname);
	            exit ("FirstName cannot be empty!");
	        } 
	    } else {
	        exit ("Not set firstname!");
	    }
		if (isset($_POST['phonenumber'])){
	        $phonenumber = $_POST['phonenumber']; 
	        if ($phonenumber == '') {
	            unset($phonenumber);
	            exit ("PhoneNumber cannot be empty!");
	        } 
	    } else {
	        exit ("Not set phonenumber!");
	    }
	    if (isset($_POST['email'])){
	        $email = $_POST['email']; 
	        if ($email == '') {
	            unset($email);
	            exit ("E-Mail cannot be empty!");
	        } 
	    } else {
	        exit ("Not set email!");
	    }
	    if (isset($_POST['password'])){
	        $password = $_POST['password']; 
	        if ($password == '') {
	            unset($password);
	            exit ("Input password, please!");
	        } 
	    } else {
	        exit ("Not set password!");
	    }
	    if (isset($_POST['password_confirmation'])){
	        $password_confirmation = $_POST['password_confirmation']; 
	        if ($password_confirmation == '') {
	            unset($password_confirmation);
	            exit ("Pasword Confirmation cannot be empty!");
	        } 
	    } else {
	        exit ("Not set password_confirmation!");
	    }
	    $lastname = stripslashes($lastname);
	    $lastname = htmlspecialchars($lastname);
	    $firstname = stripslashes($firstname);
	    $firstname = htmlspecialchars($firstname);
	    $email = stripslashes($email);
	    $email = htmlspecialchars($email);
	    $password = stripslashes($password);
	    $password = htmlspecialchars($password);
	    $password_confirmation = stripslashes($password_confirmation);
	    $password_confirmation = htmlspecialchars($password_confirmation);
	    $lastname = trim($lastname);
	    $firstname = trim($firstname);
	    $email = trim($email);
	    $password = trim($password);
	    $password_confirmation = trim($password_confirmation);
	    $_SESSION['lastname'] = $lastname;
	    $_SESSION['firstname'] = $firstname;
	    $_SESSION['phonenumber'] = $phonenumber;
	    $_SESSION['email'] = $email;
	    $_SESSION['password'] = $password;
	    $_SESSION['password_confirmation'] = $password_confirmation;
		if (!preg_match("/^[a-zA-Z0-9_\.\-]+@([a-zA-Z0-9\-]+\.)+[a-zA-Z]{2,6}$/", $email)) {
	    	$_SESSION['error'] = "Incorrect E-Mail address!";
	    	echo "<meta http-equiv='Refresh' content='0; URL=edit_info.php'>";	
	    	exit;
	    }
	    if (strcmp($password_confirmation , $password) != 0) {
	    	$_SESSION['error'] = "Passwords are not same!";
	    	echo "<meta http-equiv='Refresh' content='0; URL=edit_info.php'>";	
	    	exit;
	    }

	    $password = md5($password);
	    $id = $_SESSION['id'];
	    $connection = mysql_pconnect("localhost" , "root" , "31122001");
    	mysql_select_db("kt_site");
	    mysql_query("UPDATE users SET lastname = '".$lastname."', firstname = '".$firstname."', email = '".$email."', phonenumber = '".$phonenumber."', password = '".$password."' WHERE id = ".$id.";");
	    $_SESSION['message'] = "Data has beed edited";
	    echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";	
	} else if (isset($_POST['Cancel'])) {
		echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";
	}
?>
